Lucene search
K

63 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-29028

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.00394EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-23718

Malicious code in bioql PyPI...

4.8CVSS6.2AI score0.00377EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-50717

Malicious code in bioql PyPI...

5.4CVSS8.7AI score0.00257EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-34693

Malicious code in bioql PyPI...

8.8CVSS4.8AI score0.00454EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/09/05 1:44 p.m.2 views

CVE-2025-58786 WordPress Ibtana – Ecommerce Product Addons plugin <= 0.4.7.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VW THEMES Ibtana – Ecommerce Product Addons ibtana-ecommerce-product-addons allows DOM-Based XSS.This issue affects Ibtana – Ecommerce Product Addons: from n/a through = 0.4.7.6...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.6 views

CVE-2023-47839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin = 3.3.26 versions...

6.5CVSS6.9AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/15 8:6 p.m.18 views

CVE-2024-11140 Real WP Shop Lite Ajax eCommerce Shopping Cart <= 2.0.8 - Admin+ Stored XSS

The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for exampl...

0.00271EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/10 2:1 p.m.34 views

CVE-2025-26865 Apache OFBiz: Server-Side Template Injection affecting the ecommerce plugin leading to possible RCE

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: from 18.12.17 before 18.12.18. It's a regression between 18.12.17 and 18.12.18. In case you use something like that, which is not recommended! For security, only...

0.00623EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/27 2:22 p.m.40 views

CVE-2025-24626 WordPress Music Store – WordPress eCommerce Plugin <= 1.1.19 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople Music Store music-store allows Reflected XSS.This issue affects Music Store: from n/a through = 1.1.19...

7.1CVSS0.00246EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/07 11:23 p.m.6 views

WordPress Shopping Cart & eCommerce Store plugin <= 5.7.8 - Missing Authorization to Order Updates vulnerability

Missing Authorization to Order Updates vulnerability discovered by Lucio Sá in WordPress Plugin WP EasyCart versions = 5.7.8...

5.3CVSS7AI score0.00333EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.3 views

WordPress plugin Product Recommendation Quiz for eCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

6.5CVSS8.7AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/21 7:2 a.m.17 views

CVE-2024-12771 eCommerce Product Catalog Plugin for WordPress <= 3.3.43 - Cross-Site Request Forgery to Password Reset

The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.43. This is due to missing or incorrect nonce validation on the 'customerpanelpasswordreset' function. This makes it possible for...

8.8CVSS0.00258EPSS
Exploits0References4
NVD
NVD
added 2024/12/07 10:15 a.m.9 views

CVE-2024-12253

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'savesettings', 'exportcsv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it...

5.4CVSS0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/07 9:27 a.m.10 views

CVE-2024-12128 Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Reflected Cross-Site Scripting via monthly_sales_current_year Parameter

The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘monthlysalescurrentyear’ parameter in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This mak...

6.1CVSS6.3AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2024/12/07 9:27 a.m.48 views

CVE-2024-12128

CVE-2024-12128 : The WordPress plugin “Simple Ecommerce Shopping Cart Plugin – Sell products through Paypal” is vulnerable to Reflected Cross-Site Scripting via the monthly_sales_current_year parameter in all versions up to and including 3.1.2 due to insufficient input sanitization and output esc...

6.1CVSS6AI score0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/07 12:0 a.m.4 views

PT-2024-17451 · WordPress · The Simple Ecommerce Shopping Cart Plugin

Name of the Vulnerable Software and Affected Versions: The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress versions up to, and including, 3.1.2 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and...

6.1CVSS6.7AI score0.00291EPSS
Exploits0References7
OSV
OSV
added 2024/02/28 9:15 a.m.4 views

CVE-2024-1514

The WP eCommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'cartcontents' parameter in all versions up to, and including, 3.15.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes ...

7.5CVSS7.3AI score0.00724EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-18104 · WordPress · Wp Ecommerce

Name of the Vulnerable Software and Affected Versions: WP eCommerce plugin for WordPress versions up to, and including, 3.15.1 Description: The issue is related to time-based blind SQL Injection via the cart contents parameter due to insufficient escaping on the user-supplied parameter and lack o...

9.8CVSS9.7AI score0.00724EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.4 views

PT-2024-18106 · WordPress · Wp Ecommerce

Name of the Vulnerable Software and Affected Versions: WP eCommerce plugin for WordPress versions up to, and including, 3.15.1 Description: The issue is related to unauthorized arbitrary post creation due to a missing capability check on the check for saas push function. This allows unauthenticat...

5.3CVSS9.5AI score0.00422EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/02/28 12:0 a.m.5 views

WordPress Plugin WP eCommerce Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS7.8AI score0.00724EPSS
Exploits0References3
Rows per page
Query Builder